Claude Code v2.1.145: JSON Agent Listing, OTEL Span Fixes, Security Patch, and More

Claude Code v2.1.145 ships with a handful of practical additions and a security fix you'll want to update for. The headline feature is claude agents --json, which lets you script against live agent sessions — think tmux-resurrect, status bars, or custom session pickers.

JSON Agent Listing

Run claude agents --json to get a machine-readable list of active Claude sessions. Each entry includes agent ID, status, and other metadata. This makes it straightforward to build integrations without parsing terminal output.

Security Fix: Permission Bypass

A permission-prompt bypass was fixed where bare variable assignments to non-allowlisted environment variables in Bash commands were auto-approved. Update to ensure your env vars are still gated by the permission system.

OTEL Span Improvements

Telemetry gets smarter: claude_code.tool spans now carry agent_id and parent_agent_id attributes. Background subagent spans properly nest under the dispatching Agent tool span, giving you accurate trace trees.

Status Line & GitHub PR Info

The status line JSON input now includes detected GitHub repo and PR information — useful for automated workflows that react to the current repository context.

Plugin Discover & Browse

Before installing a plugin, /plugin Discover and Browse screens now show the plugin's commands, agents, skills, hooks, and MCP/LSP servers. No more guesswork.

Terminal Tab Title

The claude agents terminal tab title now displays the awaiting-input count, so you can alt-tab and see at a glance which agent needs attention.

Bug Fixes & Behavior Changes

• Read tool: When a whole-file read exceeds the token limit, the tool now returns a truncated first page with a "PARTIAL view" notice instead of a hard error.
• MCP slash commands: Raw server validation errors are replaced with a message naming the missing argument and showing expected usage.
• Spinner freeze: The spinner and elapsed-time display no longer freeze after terminal resize or refocus.
• Windows PowerShell: Cross-project resume hint now uses ; as the command separator (fixes Windows PowerShell 5.1).
• Task list order: Tasks created at once now render in deterministic order.
• Marketplace banner: Stale "Failed to install" banner no longer shows when already installed.
• PR badge: Updates immediately after gh pr create and similar PR-state-changing commands.
• Non-ASCII names: Agent Teams teammates with non-ASCII names no longer fail API calls due to invalid header encoding.
• /review: No longer uses the deprecated projectCards GraphQL query — fixes errors on repos with Classic Projects.
• Plugin validate: Now flags skills: entries pointing to a file instead of a directory, with a suggestion to use the parent directory.
• Skill context:fork: Fixed an infinite loop where a skill using context: fork could repeatedly re-invoke itself.

Update to v2.1.145 to get the security fix, scripting capability, and smoother MCP/skill behavior.